On Thu, 2006-Apr-06 00:29:27 +0400, Sply Splyeff wrote:
>There are some security problems with kernel-level script
>setuid execution which discourage from using it.

The biggest problem is a race condition between the kernel setting up the set[gu]id() environment and opening the script to find the interpreter and the interpreter opening the script to execute it. This can only be fixed within the kernel (by passing the script to the interpreter as a pre-opened FD).

>Is it strong enough? Maybe there is any slippery ground
>left?

The biggest problem is its failure to check the sanity of the input parameters - that a particular argument actually exists before referencing it.

Other issues I noticed:
- strncpy() is virtually always the wrong function. You already do validation so you could just use strcpy()
- strncpy(penvd + penvsz, "=", 1); could be penvd[penvsz] = '=';
- No error if number of environment variables too great.

--
Peter Jeremy
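
The pre-opened-FD idea from the reply above, sketched for a userland setuid wrapper. This is an added example, not code from this thread or from FreeBSD. Assumptions: the function name `open_script_fd`, the fixed `/bin/sh` interpreter and the `PATH` value are hypothetical, and `/dev/fd/N` must be available for the inherited descriptor (on FreeBSD that needs fdescfs mounted).

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Open the script once and validate the descriptor, not the path, so the
 * file that was checked is the file the interpreter reads.  On success
 * returns the fd and writes a "/dev/fd/N" name for it into ref. */
int open_script_fd(const char *path, uid_t owner, char *ref, size_t reflen)
{
    struct stat st;
    int fd = open(path, O_RDONLY | O_NOFOLLOW);  /* no O_CLOEXEC: must survive exec */
    if (fd < 0)
        return -1;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
        st.st_uid != owner || (st.st_mode & (S_IWGRP | S_IWOTH))) {
        close(fd);
        return -1;
    }
    int n = snprintf(ref, reflen, "/dev/fd/%d", fd);
    if (n < 0 || (size_t)n >= reflen) {          /* name did not fit */
        close(fd);
        return -1;
    }
    return fd;
}

int main(int argc, char **argv)
{
    char ref[32];
    /* Confirm the argument exists before referencing it. */
    if (argc < 2 || argv[1] == NULL) {
        fprintf(stderr, "usage: wrapper script\n");
        return 2;
    }
    if (open_script_fd(argv[1], geteuid(), ref, sizeof ref) < 0) {
        fprintf(stderr, "refusing to run %s\n", argv[1]);
        return 1;
    }
    /* Hypothetical fixed interpreter and minimal environment. */
    char *av[] = { "sh", ref, NULL };
    char *ev[] = { "PATH=/bin:/usr/bin", NULL };
    execve("/bin/sh", av, ev);
    perror("execve");
    return 1;
}
```

Because the interpreter is handed the descriptor name instead of the original path, swapping the path after the ownership and mode checks no longer changes what gets executed.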